Remarks 

This communication is considered fully responsive to the first Office Action 
mailed January 30, 2007. Claims 1-20 were examined. Claims 1-20 stand rejected. 
Claims 1-4, 6-8, 10-12, 16 and 20 have been amended. No claims have been canceled 
or added. Reexamination and reconsideration of claims 1-20 are respectfully 
requested. 

Objection to the Specification 

The Office Action objected to the Abstract, because of the use of the phrase 
"then use" in line 14 and a request was made to change the phrase to "then uses." 
However, the phrase refers back to two items, the client and the system node. 
Consequently, the Applicant respectfully asserts that the word "use" is proper, not 
"uses," and no correction is required. 

Claim Objections 

The Office Action objected to claims 6, 8, 11, 12 and 20 due to informalities. 
These claims have been amended to correct the errors. Claim 7 has also been amended 
to correct an informality. 

Double Patenting Rejection 

The Office Action rejected Claim 12 under statutory (§1 01) double patenting as 
claiming the same invention as that of claim 1 1 of commonly -owned, co-pending U.S. 
Patent Application No. 10/726,231. The Applicant notes that the claims of the co- 
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pending application have not yet been allowed and there is no assurance that claim i 1 
of that application will be allowed and issue in its current form. Therefore, the 
Applicant believes that the double-patenting rejection is premature and, if made at all, 
should have been a provisional rejection. 

More importantly, however, the Applicant traverses the rejection based on its 
merits: the two claims are not coextensive in scope and therefore do not claim the 
same invention. The Office Action quoted the discussion of the statutory double- 
patenting rejection found in MPEP 804 U A which, citing court opinions, states that 
c "[s]ame invention' means identical subject matter." Claim 1 1 of the co-pending 
application and claim 12 of the present application do not claim "identical subject 
matter." For example, the control node of claim 12 is linked to both the client and the 
system node whereas the authorization module of claim 1 1 does not recite a link to the 
system host. The control node of claim 12 provides session information to both the 
client and the system node whereas the authorization module of claim 1 does not 
provide the system host with any information. The session information of claim 12 is 
provided to the client and the system node only if both satisfy at least one condition 
for accessing each other whereas claim 11 only recites that the client must be 
authorized to access the system host. The data node of claim 1 2 is coupled to the 
control node whereas a link is not recited between the verification module and 
authorization module in claim 11. The data node of claim 12 receives requests from 
both the system node and the client to access the other whereas the verification 
module of claim ! 1. only receives a request from the system host to verify that the 
client is authorized to access the host. Finally, claim 11 does not recite the 



establishment of a secure authenticated connection between the client and the system 
host as recited in claim 12 nor that the connection is based at least in pint on session 
information. Consequently, the two claims do not cover "the same subject matter" and 
the Applicant requests that the rejection be withdrawn. The Applicant would also like 
to note that foregoing comments do not in any way imply that the Applicant concedes 
that there is a equivalence between elements recited in claim 12 with elements recited 
in claim 1 1 . 

The Office Action also rejected claims 1 and 8 under non-statutory 
obviousness-type double patenting as being unpatentable over claims 1 and 6, 
respectively, of U.S. Patent Application No. 10/726,231. The Applicant respectfully 
disagrees with the rejection and also asserts that the rejection, if made at all, should 
have been provisional. MPEP 804 HB, again quoted in the Office Action, states that a 
non-statutory obviousness-type double patenting rejection is appropriate if "the 
examined application claim is either anticipated by, or would have been obvious over, 
the reference claim(s)." The Applicant respectfully disagrees with the analysis 
provided in paragraph 6 of the Office Action which asserts that "[t]he general concept 
of sending and receiving a request from the client and the server in order to 
communicate is well known in the art as an obvious communication technique." Such 
a statement ignores the separate functions of the control node and the data node of 
claim 1 of the present Application. Conventionally, when one node desires to 
communicate with another node, it initiates a request directed at the other node. In the 
present invention, however, a control node and a data node perform security functions 
between the client and the system node and both the client and system node must send 
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respective requests to the control node for each to access the other. Claim 1 of the co- 
pending application does not recite or suggest such steps. The forgoing comments 
apply equally to the traversal of the rejection of claim 8 of the present Application. 
Consequently, claims I and 6 of the co-pending application do not render claims 1 and 
8 of the present Application obvious and the Applicant requests that the rejection be 
withdrawn. 

Claim Rejections - 35 l.'.S.C 101 

The Office Action rejected claims 8-! 1. 12-18 and 20 under 35 U.S.C. 101 as 
being directed to non-statutory subject matter. However, the Applicant does not 
understand much of Paragraph 8 of the Office Action. First, the Applicant does not 
understand the reference to "page 2 section [0023] of the specification." Page 2 
includes parts of paragraphs [0004] and [0006] and all of paragraph [0005] and none 
of these paragraphs appear to apply to the rejection. Paragraph [0023] is on page 8 and 
also does not appear to apply to the rejection. Clarification is requested. 

The Applicant also does not understand the next sentence: "A computer 
program product can be considered authentication software as such claim 1 is 
classified as functional descriptive material." Clarification is requested, including an 
explanation of the relevance of claim 1 to this rejection. 

The rejection then states that "[i jn addition, there is no evidence of the process 
being taking place on a computer in the claim." However, rejected claim 8 recites: "A 
computer program product encoding computer programs for executing on a control 
node and a data node a computer process... ." It is quite clear from tins preamble that 



the "computer process" takes place on a computer. Moreover, the use of the term 
"node" is explained in paragraph [0020] on page 7 of the Specification: "As used 
herein, the term "node" is used to refer to hardware and software (entire computer 
system) used to perform various network services." Therefore, if this rejection is 
maintained, clarification is requested. 

More generally, the Applic «* dis; ^rees with - pi it ation of the broad assertion 
in paragraphs 8 and 9 of the Office Action that "it appears that the computer program 
product would reasonably be interpreted by one of ordinary skill in the art as software, 

per se " The implication is that a computer program product is unpatentable. 

However, computer program product claims have been upheld as being statutory 
subject matter since at least the Beauregard decision. 

Consequently, the Applicant respectfully requests that the rejection of claims 8- 
11, 12-18 and 20 under §101 be withdrawn or at least clarified in a subsequent, non- 
final Office Action. 

Claim Rejections - 35 C.S.C 1 02(b) 

The Office Action rejected claims 1-20 under 35 U'.S.C. 102(b) as being 
anticipated by U.S. Patent No. 4,995,112 to Aoyama (hereinafter referred to as 
"Aoyama"). Applicant respectfully traverses this rejection. 

Claim I, as amended, recites "A method comprising generating session 
information at the control node in response to a request from a client to access a 
system node and sending the session information to the client, the system node, and a 
data node if the client and system node satisfy at least one condition for accessing 



each other, receiving at the data node a request from the client to access the system 
node and a request from the system node to access the client and establishing a first 
secure authenticated connection between the client and the system node via the data 
node based at least in part on the session information," Independent claims 8 and 12 
include parallel recitations. Aoyama fails to teach or suggest all of these recitations. 

For example, Aoyama tails to disclose or suggest generating session 
information at the control node in response to a request from the client and fails 
further to disclose or suggest sending the session information to all three other 
components: the client, the system node and the data node. Additionally. Aoyama tails 
to disclose or suggest receiving at the data node two requests: a request from the client 
to access the system node and a request from the system node to access the client. In 
fact, Aoyama tails to even disclose both a data node and a control node. Rather, in the 
system of Aoyama, a component (element 3 in FIG. 3) of the node designated as node 
1 (element 2) merely serves as a "pass-through unit" by passing an access request to 
the node which the work station desires to access if the request includes the proper 
password. At no time does the target node receive any session information from node 
1 (including the pass-through unit) nor does the target node send to node 1 (including 
the pass-through unit) a converse request to access the work station. 

Thus, the components in Aoyama do not perform all of the functions recited in 
the claims and perform different functions than those recited in the claims. 
Consequently, Aoyama does not anticipate claims 1,8 or 12. 

With respect to claim 2. fails to disclose or suggest receiving at the control 
node a request form the client for session information. As previously noted, the 
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system of Aoyama does not disclose session information. The Office Action equates 
the "access request data" of Aoyama with session information. However, the "access 
request data" is merely that (data pertaining to the access request) and has the work 
station as its source. In contrast, it is the contra! node of the present invention which 
generates the session information and sends it TO the client (as well as to the data 
node and the system node) when requested by the client. Consequently, claim. 2 is not 
anticipated by Aoyama. 

With respect to claim 3. the Office Action asserts that "it is factual that ..." 
Thus, the Office Action cites no passage in the §102 reference that the system node is 
registered with the control node before the control node receives the request from the 
client. While this might be appropriate in a §103 obviousness rejection, the Applicant 
does not believe that such a statement is appropriate, even if true, in a §102 
anticipation rejection in which all of the claimed elements must be present or inherent 
in a single reference. Specifically, the Applicant disagrees with the assertion that "the 
server's network address has to be registered." In many networks, addresses are not 
registered. Instead, a data packet will contain a target address along with the data, A 
node on the network will compare the target address with its own address and, if they 
are the same, the node will accept the packet. Consequently, the statement in the 
Office Action is not part of all network protocols. Therefore, claim 3 is not disclosed 
by Aoyama and Aoyama does not anticipate claim 3. 

The recited elements of claim 4 are similarly not disclosed or inherent in 
Aoyama. There may be numerous system nodes on the network and yet only some of 
them may be registered with the control node, indicating their potential availability for 



access by the client. Moreover, not all system nodes may be available to all clients. 
The system of Aoyama is password-centric in that each node is associated with one or 
more passwords. Only if the work station transmits the correct password wi ll the work 
station be granted access to the desired node. Aoyama does not specifically or 
impliedly disclose providing the list of nodes to the client. Consequently, Aoyama 
does not anticipate claim 4. 

With respect to claim 6, the cited passages in Aoyama (col. 2, lines 15-20, lines 
52-53 and line 66) merely describe the directory which contains a list of nodes and 
corresponding passwords. No connection is made between the directory and any host 
unit. Consequently, Aoyama does not anticipate claim 6. 

The comments supporting the traversal of the rejection of claim 4 apply with 
respect to the rejection of claim 9 (although claim 9 only recites registering the system 
node, not providing a list of registered system nodes to the client). 

With respect to claims 10 and 14, as described in the Specification and recited 
in the amended claim, the updated dynamic address for the system node is maintained 
in a client database at the control node. The address is not kept at the client. Moreover, 
Aoyama does not disclose the use of a dynamic network address. It is noted in 
paragraph [0026] of the Specification that "[ujse of a dynamic network address adds 
another layer of security to the network connection because a client 220 cannot simply 
store the network address and reuse it at a later time to regain access to the system 
node 230. Instead, the dynamic network address is updated at the control node 210 
and the client 220 has to request the current network address from the control node 
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210 before the client 220 is able to access the system node 230." Consequently. 
Aoyama does not anticipate claim 10. 

In addition to the comments made above with respect to claims 1, 6 and 12, 
some further comments are warranted with respect to claim 12. The Office Action 
equates the pass-through unit of Aoyama with the control node of claim 12 and the 
directory of Aoyama with the data node of claim 12. The Applicant respectfully 
disagrees with the assertion of equivalence and that Aoyama discloses each element of 
claim 12. For example, the directory of Aoyama is merely that- a directory which is 
part of a storage device associated with the pass-through unit (column 2, lines 65-68 
of Aoyama). The directory contains nodes and corresponding passwords (FIG. 5). The 
director is not a node as described in the present Application and cannot receive 
requests from the work station or from a node, Aoyama does not disclose or suggest 
that the storage device communicates with any component other than the pass-through 
unit. Implicit is that the communications between the storage device and the pass- 
through unit are conventional I/O commands and data; the directory does not perform 
any network operations. Thus, Aoyama fails to disclose a data node, a data node that 
receives a request from the client to access the system node, a data node thai receives 
a request from the system node to access the client, or a data node that establishes any 
connection between the client and the system node. Consequently, Aoyama does not 
anticipate claim 12. 

The comments supporti ng the traversal of the rejection of clai ms 5-7 apply with 
respect to the rejection of claims 1 1 and 16. 



15 



With respect to claim 13, m noted above, the session information is generated 
by the control node and provided to the data node, the client and the system node, In 
contrast, the access request data of Aoyama is generated by the work station. 
Consequently, claim 13 is not anticipated by Aoyama. 

With respect to claim 17, as noted above in the comments traversing the 
rejection of Claims 10 and 14, the "client database" is maintained at the control node, 
not, as asserted in the Office Action, at the client. Consequently, claim 17 is not 
anticipated by Aoyama. 

With respect to claim 18, the data structure is maintained by the control node 
(see claim 17), not by the client. Consequently, claim 18 is not anticipated by 
Aoyama. 

In addition, the Applicant respectfully asserts that the dependent claims are 
further allowable based on the allowability of the respective independent claims. 

Consequently, Aoyama does not anticipate claims 1-20 and withdrawal of the 
§102 rejection is respectfully requested. 
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Conclusion 

For the foregoing reasons, the pending claims are believed to be allowable, the 
Application is believed to be in condition for allowance and the Applicant respectfully 
requests that a timely Notice of Allowance be issued in this matter . The Examiner is 
encouraged to contact the undersigned by telephone if a conversation would expedite 
prosecution of this case 

Respectful !y Submitted, 

Dated: May 28. 2007 By: 

Mark D. Trenner 
Reg. No. 43,961 
(720)221-3708 
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